Secure Oracle password injection for the Pega Upgrade process

General
, , , ,
1

Hello team.

We are performing the upgrade from Pega 8.8.2 to 24.1.2. Previously we had performed the upgrade adding the Oracle password to the setupDatabase.properties file and running the upgrade script. Now we need a way to perform this operation injecting the password in a secure way such that is not exposed or accessed after the injection.

How could we achieve this?

Thank you.

2

@NicolasB4893

wouldn’t it be easier to create a specific user for the migration while would be valid for a short period of time?

  • create specific user/pass
  • set it in properties file
  • perform upgrade
  • delete user
    I think you can even restrict the number of sessions of this user so if you’re connected and someone tries to use the same at same time, then it won’t work.

I agree that this is not a reply to the question :slight_smile:

Regards

Anthony

3

The approach that worked for us was to create a temporary ID for the upgrade as suggested by Anthony. After this, the person from security injected the password in the setupDatabase.properties file, I ran the upgrade script, and then the person from security removed the password. With this we managed to successfully perform the upgrade without compromising the Oracle ID password.